My information Resource (blog.mir.net)

Verbatim Americas, LLC joined its parent company, Mitsubishi Kagaku Media (Verbatim/MKM) today in announcing that the first shipments of its new 60GB UDO2 (Ultra Density Optical) Write-once (WORM) media are expected to begin in May. Based on the license agreement with Alliance Storage Technologies, MKM will start producing UDO2 WORM in April at its optical disc manufacturing facility in Mizushima, Japan. MKM, a key developer and manufacturer of UDO media, has been manufacturing premium-quality 30GB UDO1 WORM and RW (rewriteable) media at this factory since 2004 and will continue to do so. Verbatim/MKM will also offer 60GB UDO2 RW media and expects to begin shipping in June.

Like UDO1, UDO2 media uses a single layer recording surface. However, compared to first-generation UDO1, which provides a 30GB media capacity and a maximum read performance of 8MB/sec., UDO2 doubles the media capacity to 60GB and the maximum read performance is increased by 50 percent to 12MB/sec.

With Verbatim/MKM’s 60GB UDO2 write-once media, users can be confident that their recorded data can never be changed or altered. Write-once security and a data life of 50 years make this media the best choice for long-term archives that demand record authenticity. UDO2 technology has also been adopted as the recognized technology standard by ISO, IEC and ECMA, three of the top technical standards organizations in the world.

You need to read the new proposed law and make comments !

Some issues include;

LICENSING AND CERTIFICATION OF CYBERSECURITY PROFESSIONALS.
(a) IN GENERAL.—Within 1 year after the date of enactment of this Act, the Secretary of Commerce shall develop or coordinate and integrate a national licensing, certification, and periodic recertification program for cybersecurity professionals.

Other issues are

MANDATORY LICENSING.-Beginning 3 years after the date of enactment of this Act, it shall be unlawful for any individual to engage in business in the United States, or to be employed in the United  States, as a provider of cybersecurity services to any Federal agency or an information system or network designated by the President, or the President’s designee, as a critical infrastructure information system or network, who is not licensed and certified under the program.

Read the proposed law http://cdt.org/security/CYBERSEC4.pdf

The Microsoft Application Compatibility Toolkit (ACT) 5.5 helps you understand  application compatibility situation by identifying which applications are compatible with the Windows 7 RC and Windows Vista® operating system and which require further testing. ACT helps customers lower their costs for application compatibility testing, prioritize their applications, and deploy Windows more quickly

You can use the ACT features to:

• Verify an application’s compatibility with a new version of the Windows operating system, or a Windows Update, including determining your risk assessment.
• Become involved in the ACT Community, including sharing your risk assessment with other ACT users.
• Test your Web applications and Web sites for compatibility with new releases and security updates to the Windows® Internet Explorer® Internet browser.

You can download the Microsoft Application Compatibility Toolkit (ACT) here

Free Book offer this month they will be giving away

The two e-books for April are:

• Windows Small Business Server 2008 Administrator’s Companion (Pro—Administrator’s Companion) by Charlie Russel and Sharon Crawford
• Microsoft Visual Basic 2008 Express Edition: Build a Program Now! by Patrice Pelland

The Links will ONLY Work April – April 15-22.

Visit any Barnes & Noble Booksellers or shop online at bn.com from now thru May 5, 2009 to SAVE 40% off select Microsoft Press IT Professional guides for Windows Server 2008, SQL Server 2008, Visual Basic 2008,  and more.

This is a GREAT DEAL….

Microsoft Security Intelligence Report, which showed a significant increase in rogue security software and evidence that threats are predominantly targeting common third-party desktop applications. This version of the report also showed that the No. 1 reason for data breaches remains lost and stolen computer equipment.

Rogue security software, also known as “scareware,” takes advantage of users’ desire to keep their computers protected. The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world. For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6 percent over the first half of 2008

For home user to learn how to protect you computer go to http://www.microsoft.com/protect

Enterprise customers should use the Microsoft Security Assessment Tool (MSAT), available at http://technet.microsoft.com/en-us/security/cc185712.aspx, to help assess weaknesses in their IT security environment and build a plan to address the risks.

To see the full report go to http://www.microsoft.com/sir.

Microsoft has a new search engine that it is working on

Looks like next version of Live go to http://www.kumo.com/

The New Cost-Effective Technology Foundation

Microsoft has see the trend in netbooks and has announced a new technology for a server for up to 15 users. Windows Server Foundation lets employees exchange data securely, without requiring e-mail or the Internet access, on  local network It’s an affordable platform for the core portfolio of IT capabilities, including file and print sharing, remote access and security. A simple and familiar Windows experience makes it easy for organizations to get up and running.

 

 

 

 

 

This will be sold via OEM or Microsoft partners.

To learn more go to the Windows Server 2008 Foundation site

I been asked can you give me a list of privacy breaches. There are many site on the internet where you can go to find this information.

The site I reference many time during my talks is www.privacyrights.org/

The link to the directly see A Chronology of Data Breaches is here.

This show ho many companies have issues with protecting private data. over 253,743,138 records containing sensitive personal information have been expose as of today, THAT we know of !

Microsoft Security Advisory (969136)

Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution

Published: April 2, 2009

Version: 1.0

Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Customers in the U.S. and Canada who believe they are affected can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Mitigating Factors:

•

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

•

In a Web-based attack scenario, an attacker would have to host a Web site that contains an Office file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site, and then convincing them to open the specially crafted PowerPoint file.

•

The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.

•

Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a document. The features of the Office Document Open Confirmation Tool are incorporated in Office XP and later editions of Office.